* Posts by Venerable and Fragrant Wind of Change

238 posts • joined 21 Oct 2019


Section 230 supporters turn on it, its critics rely on it. Up is down, black is white in the crazy world of US law

Venerable and Fragrant Wind of Change

Not actually true. Web-based discussion fora were emerging (I put up my first in 1995 run by a set of Perl scripts), and Geocities had become the first big-name freebie host.

Usenet was of course much longer-established, and the experience of usenet trolling[1] presumably informed the debate that led to Section 230.

[1] As misunderstood by the media to give us today's use of the word.

Senior GitLab exec resigns over plan to stop hiring engineers in China and Russia

Venerable and Fragrant Wind of Change

Re: Security

What the forriner in Blighty needs is Gerard Hoffnung's guide (about five minutes in on that link).

Venerable and Fragrant Wind of Change

I expect that list is based on the proportion of the population engaged in pure-criminal activity. So those working for, or sanctioned by, government or other recognised employer are excluded.

Venerable and Fragrant Wind of Change

Thumbs up

... and a virtual pint, for a senior exec prepared to take a principled stand.

Teachers: Make your pupils' parents buy them an iPad to use at school. Oh and did you pack sunglasses for the Apple-funded jolly?

Venerable and Fragrant Wind of Change

Re: Exclusive devices need in Schools

My recollection of ink pens is that they were totally messy for right-handers too.

Perhaps cleaner options exist. Maybe if your budget is in the ballpark of an ipad? Hang on ... I don't even know how much that is. Maybe the budget for a macbook pro?

Venerable and Fragrant Wind of Change


I wonder just which is the worse,

the void, or the apple's new curse?

The ipad for all,

or no textbook at all,

Like the background that brought you this verse?

Venerable and Fragrant Wind of Change

Likewise - in theory.

But those textbooks weren't usable. Tatty, soggy, fallen apart, and above all, they stank. Not something you ever wanted to touch, let alone open.

Hyphens of mass destruction: When a clumsy finger meant the end for hundreds of jobs

Venerable and Fragrant Wind of Change

End of life care

I worked for Sun at the time they died.

Shortly after, Oracle and I parted company, and I had to return my chunky Sun workstation. But first, remove all private ssh and pgp keys that had been used on it. Hack up a utility to zero a file before deleting it, and run with recursive find on sensitive directories. And on the whole of /home for good measure. Oh, yeah, better do /var/ as well. And ... did I ever put anything under /root/ ?

Of course it had been running zfs, so that wasn't enough. Ho, hum. Boot from another medium and zap the filesystem from low level with dd to the device; ship it back with a fresh bare-bones install on a repartition-and-newfs (which from memory was not OpenSolaris but FreeBSD - a minor exercise of the inner BOFH). Feel a low-level bereavement for the workstation. Now even if it falls into the hands of someone evil, I'm not a high-enough-value target to merit searching for the ghost of any residual data.

Venerable and Fragrant Wind of Change

Aliased rm

I'm fairly certain that everyone who has ever used *nix in anger has an inadvertent recursive delete story of one sort or another. It's almost a rite of passage.

Where I worked for much of the '90s, our sysop knew better. He aliased various 'dangerous' system commands to protect users from ourselves. Hence "rm" became "rm -i".

Whether that saved anyone from a nasty accident is not recorded. My suspicion is it's more likely to have caused accidents, when someone who has learned on the job that rm asks for confirmation finds out the hard way that that was non-standard. But that wouldn't be on the BOFH-in-question's turf.

For those of us who already knew the standard rm, it was just infuriating. I just overrode all such aliases in my .rc. If I wanted an alias, I'd use something that wasn't a standard command name.

Morrisons is to blame for 100k payroll theft and leak, say 9,000 workers

Venerable and Fragrant Wind of Change

Verdict next year

Isn't Lady Hale about to retire? If the verdict is next year, does that mean it'll be from one of her colleagues, perhaps without the spider?

Here are some deadhead jobs any chatbot could take over right now

Venerable and Fragrant Wind of Change

Re: Your list

Plumber came. Plumber fixed shower, and I've just enjoyed it for the first time in quite a while.

Once in a while, something goes right. I hope this is one such occasion.

Though I expect a robot plumber might've charged fewer arms and legs for the job.

Venerable and Fragrant Wind of Change
Thumb Up

Re: "Microsoft scammers"

Andy, that sounds like a fine comedy sketch. Are you on youtube or similar, and if not, why not?

Venerable and Fragrant Wind of Change

Your list

1. Your autonomous coffee could perhaps be describing Costa Express (no intelligence necessary). Or even some of the truly dire machine coffee of earlier times.

2. You know very well many of them do it. That's probably why people warm to any politician who can go off-script. Even a Boris, Trump, or Corbyn.

3. Dammit, I'm waiting for my plumber right now! I wonder if an AI could fix my shower?

When the IT department speaks, users listen. Or face the consequences

Venerable and Fragrant Wind of Change

Yeah, I took that for a figure of speech :)

Venerable and Fragrant Wind of Change

My recollection of the '90s was of Unix boxes with NFS-mounted $home. So "user knows better" wasn't an option.

It was also the era of old-style ethernet connections, where removing one node would freeze the whole network (well, OK, by '98 that era was ending). On a roll with my work? Whoops, everything freezes, lost my train of thought.

Wouldn't it be nice if there were some utility that would periodically (maybe we could call it cron) sync up a local drive with a network one (maybe call it rsync) to give users a best-of-both-worlds?

Venerable and Fragrant Wind of Change

Re: User ignore email

What you describe may be a classic "Everyone does it" syndrome. What sanction was applied to your students who got caught?

Enlisting the Student Union presumably then broke that syndrome. Which suggests that that Union has credibility in your institution, and is good at communicating a message.

Morrisons tells top court it's not liable for staffer who nicked payroll data of 100,000 employees

Venerable and Fragrant Wind of Change

Re: Depends if decent efforts at data security made by Morrisons

And if Morrisons' had contracted a BOFH to secure their data, but the BOFH then nicks and abuses everything?

Or the BOFH leaves a backdoor (government-mandated or otherwise) not authorised nor known by Morrisons?

Surely there has to be an element of Good Faith in the argument here!

Socket to the energy bill: 5-bed home with stupid number of power outlets leaves us asking... why?

Venerable and Fragrant Wind of Change

My new house

No, not quite so many power points. But lots and lots of lights: recessed ceiling lights and spotlights all over the place.

I never realised quite how useless they are. In my previous place I had a single old-fashioned ceiling light in each of the main rooms, and they did a better job than 8 or 12 recessed lights here. Worst is the kitchen, where despite nine recessed lights and four spots I struggle to find a spot with sufficient light for regular cooking tasks.

Venerable and Fragrant Wind of Change

Re: Forget the risk of fire spreading through the holes in the wall

If it's from 1860 (and still standing), it has some structure.

I expect some modern houses might still be standing 100 or even 160 years hence. Firmly away from today's mass-market builders, of course.

Cambridge boffins and Google unveil open-source OpenTitan chip – because you never know who you can trust

Venerable and Fragrant Wind of Change

Re: I don't know

Jon 37: Exactly.

It's bootstraps all the way down. And Open Bootstraps are Good.

'Peregrine falcon'-style drone swarms could help defend UK against Gatwick copycat attacks

Venerable and Fragrant Wind of Change

Evil terrorist scum? ITYM regular teenager!

Oh, I see what you did. Bunch of teenagers hatch elaborate plot to make it sound altogether more credible than last year's Gatwick effort.

Venerable and Fragrant Wind of Change
Thumb Up

Re: So you have a drone...

Damn you Ossian, I was going to mention her. Have an upvote anyway!

Before you high-five yourselves for setting up that bug bounty, you've got the staff in place to actually deal with security, right?

Venerable and Fragrant Wind of Change

She's missing the most fundamental step

I like "Bug bounties make more money the less secure you are." But that already assumes you have the expertise to sort the wheat from the chaff: real bugs from bounty-hunters reporting non-issues.

In at least some open source communities, we have to go one further than that. The developers have that expertise, but as volunteers we really don't want to spend our precious time going through a lot of spurious reports attracted by bug bounties. So when someone sponsors a bug bounty programme on our software, we ask that they take the bug reports and pre-screen them, so that only reports that appear at least credible will make it through to us. Of course people can still report to us directly, but then that's outside the bug bounty programme.

GitLab mulls ban on hiring Chinese and Russian support staff because 'security'

Venerable and Fragrant Wind of Change

Next Up ...

No hiring from any country that fails to ban Huawei. And maybe Kaspersky.

Baffled by bogus charges on your Amazon account? It may be the work of a crook's phantom gadget

Venerable and Fragrant Wind of Change


The banks and creditcard providers must be bearing a fair whack of the cost of this where they're the ones required by law to reimburse consumers.

I wonder if Visa and Mastercard might need to consider/threaten their ultimate sanction - to withdraw their service from Amazon?

If you're going to exploit work's infrastructure to torrent, you better damn well know how to hide it

Venerable and Fragrant Wind of Change

Re: Bitcoin mining for fun and profit

Could that become a story for this very column?

Venerable and Fragrant Wind of Change

Re: "he didn't dare put anything into a company calendar"

I hope we all learn from our mistakes.

But don't you think 'Rob' would perhaps have learned more from it if he'd got caught and paid a high price? It's life's big blows that can be really character-building.

Venerable and Fragrant Wind of Change

Re: i don't know...

Oh, definitely more to the blame side.

Many in this column make an honest mistake, then 'fess up and all is well. 'Rob' didn't: he abused the system, and his every subsequent action was to cover his own unapologetic arse. He put his coverup ahead of backing out of the problem he'd caused and restoring normality at the first opportunity.

But on the upside, one to make this column live up to its name and mission!

Cubans launching sonic attacks on US embassy? Not what we're hearing, say medical boffins

Venerable and Fragrant Wind of Change

Re: Tinnitus

You've 'ad it easy. Cicadas may be loud when they're in the trees all around you, but they're positive bliss compared to a neighbour who regularly inflicts a stereo on you!

Delayed, over-budget smart meters will be helpful – when Blighty enters 'Star Trek phase'

Venerable and Fragrant Wind of Change

Re: Thank you Lord Duncan

Happily most people can't, and probably never will be able to, afford those newfangled horseless carriages.

Venerable and Fragrant Wind of Change

Re: None of the mooted advantages need smart meters anyway

A decent freezer can cope with many hours of power cut. As can many systems whose purpose is to maintain a temperature within a confined space. A generation of freezers responsive to smart power management is perfectly plausible.

Though the role of smart meters in that is unclear - unless they're genuinely smart enough to notify the freezer in real time when dynamic power prices rise/fall.

Venerable and Fragrant Wind of Change

Re: Couldn't have one even if I wanted it

Let me guess.

The assessor gave his honest opinion.

His office was being heavily leaned on by government targets. Hence "it'll do no good" becomes "let's do it".

Venerable and Fragrant Wind of Change

Re: Couldn't have one even if I wanted it

I've got a river - a source that's continually renewing - yet I can't find anyone who'll quote me for installing a heat pump.

Venerable and Fragrant Wind of Change

Re: Complete and utter waste of money unless you want to spy on people

Bugger tumble drying. Just hang them in whatever room you have (bedsitter included), with a dehumidifier running. The dry air does the job even when outside is cold, damp and dark.

Venerable and Fragrant Wind of Change

Re: You learn something new everyday

What does the IKEA cwtch do?

Venerable and Fragrant Wind of Change

Re: It's about money

There's a long history of 'hacking' power meters for free electricity.

I was talking to my plumber[1] today. He was telling me about when he worked for the Gas Board and one of his tasks was to replace coin-fed meters with regular read-and-pay-quarterly meters. None of the customers wanted the change, cos they'd all figured out how to get their coins back from the meters, for the noble purpose of recycling them.

[1] He's installing a new bathroom for me.

Bet you can't guess what I'm wearing, or where I'm wearing it

Venerable and Fragrant Wind of Change

Oldfashioned spam ain't targeted

I make no efforts to leave a false trail, nor to hide where I live. A Reg reader who could be arsed will find sufficient information to figure out who I am and where I live, and a fair amount about my interests and activities. Hiding that seems futile: if the Assassins Guild were to get a commission on me, they could already track me down by more traditional means.

I still get spam in a range of languages, some of which I can't even read. In fact I think most of it is foreign and firmly aimed at inhabitants of other countries (indeed, often continents), possibly because my spam filter speaks better English than Russian, Korean, Arabic, or .... dammit, even Spanish. So no surprise when my prize is denominated in OZ$, or any other currency I may or may not have heard of.

IT protip: Never try to be too helpful lest someone puts your contact details next to unruly boxen

Venerable and Fragrant Wind of Change

Re: Where were you 20 years ago?

20 years ago? I was failing to get any interest for my neat ideas of what the Web could bring us. Like my 1997 implementation of the idea that later saw the light in forms like google docs.

Venerable and Fragrant Wind of Change

Re: On-call???

The correct answer would have been ...

A correct answer for someone who places more value on pay than on his own peace.

Oh, wait, you mean the idea is that the exorbitant claim motivates management to restore his peace? Who knows how that might end up ... unintended consequences and all that.

OK then, it's the correct answer for someone with strong nerves and thick skin, happy to raise the stakes and possibly burn bridges. Not all of us have the personality for that.

A stranger's TV went on spending spree with my Amazon account – and web giant did nothing about it for months

Venerable and Fragrant Wind of Change

Re: Blergh.

Am I the only one too paranoid to have added payment cards in the first place?

And I don't just mean Amazon. With a macbook and an android 'phone, that's two app stores that keep asking me for a card they can hold permanently.

Europe's digital identity system needs patching after can_we_trust_this function call ignored

Venerable and Fragrant Wind of Change

Re: Naming no names ...

As in, Bourne shell? He must be getting on a bit by now!

Venerable and Fragrant Wind of Change

Naming no names ...

There are a handful of "usual suspects" in Government IT projects. Do we have a familiar name here?

Venerable and Fragrant Wind of Change

Sorry to ignore the tongue-in-cheek, but if the system is available to the world at large to verify a citizen online, then brexit won't stop UK biz using it in applications like KYC.

Venerable and Fragrant Wind of Change

Re: Why the change?

We can only speculate, but perhaps the function (or function call) in question was a new capability?

What a bunch of dopes! Fancy Bear hackers take aim at drug-testing orgs

Venerable and Fragrant Wind of Change

Re: Doping - an irregular verb

Oh my, that was quick. The story of Richard Freeman's tribunal hearing hit the headlines within hours.

Though if that's all, it would be a disappointingly small story. Not interesting nor new enough to call for news management.

WhatsApp slaps app hacker chaps on the rack for booby-trapped chat: NSO Group accused of illegal hacking by Facebook

Venerable and Fragrant Wind of Change

Civil case - no jail time

Remind me. How long did the 'merkin legal system hold Marcus Hutchins on suspicion of developing malware?

NSO not merely developed it, they actively marketed it. Why is this Whatsapp rather than the Government pursuing this?

Or could the feds pick this one up, as they did against Sklyarov, or even US citizen Schwartz?

AIUI the Israeli courts are not exactly toothless, either. Unless of course TPTB there protect NSO by keeping the whole thing out of court.

Running on Intel? If you want security, disable hyper-threading, says Linux kernel maintainer

Venerable and Fragrant Wind of Change

Re: Surely...

If my load is consistently high, it'll trigger an investigation. At whatever depth it takes.

Corollary: if malware lands on my system, it'll have much longer life expectancy if it refrains from doing anything to advertise itself.

Mobile operators to be stung for 10% of annual turnover if coverage falls short, digital sec warns

Venerable and Fragrant Wind of Change

Well, I guess it's a firm and pretty-much unarguable incentive to the telcos to do the right thing.

But if any of them don't want to play, mightn't the government messing them about over their choices of supplier become a jolly good excuse? We've been waiting to go for years, but the government is holding us up.

Will someone think of the taxpayer? UK.gov needs to stop burning billions on shoddy procurement, says Reform

Venerable and Fragrant Wind of Change


Not remotely surprised to see other commentards have already expressed some of the obvious cynicism.

But we can do better: what about all those useless watchdogs that already exist? Like the financial regulator, known as the Fundamentally Complicit Authority. Or perhaps even the Serious Fraud (coverup) Office.



Biting the hand that feeds IT © 1998–2020